Documentation
¶
Index ¶
- func ExtractTeamIDFromCertificate(identity string) string
- func FindBestIdentity() string
- func FindDeveloperID() string
- func GetCertificateTeamID() string
- func GetSignatureInfo(bundlePath string) (map[string]string, error)
- func HasDeveloperIDCertificate() bool
- func ListAvailableIdentities() ([]string, error)
- func ValidateCodeSignIdentity(identity string) error
- func VerifySignature(bundlePath string) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractTeamIDFromCertificate ¶
ExtractTeamIDFromCertificate attempts to extract the team ID from a certificate identity string. Developer ID certificates typically include the team ID in parentheses at the end of the certificate name.
Example: "Developer ID Application: Company Name (ABC123DEF4)" -> "ABC123DEF4"
Returns the team ID if found, empty string otherwise.
func FindBestIdentity ¶
func FindBestIdentity() string
FindBestIdentity returns the strongest available signing identity. Preference order: Developer ID Application > Apple Development > "". Returns empty string if no Apple-issued identity is found; callers should fall back to ad-hoc ("-") when appropriate.
func FindDeveloperID ¶
func FindDeveloperID() string
FindDeveloperID attempts to find a Developer ID Application certificate by querying the system keychain for available code signing identities.
Only "Developer ID Application" certificates are returned. Other certificate types (e.g. "Apple Development") are rejected because Gatekeeper blocks apps signed with them when launched via LaunchServices, causing EPOLICY (error 163).
Returns the certificate name/identity string, or empty string if none found.
func GetCertificateTeamID ¶
func GetCertificateTeamID() string
GetCertificateTeamID retrieves the team ID from the first available Developer ID certificate. This combines FindDeveloperID and ExtractTeamIDFromCertificate for convenience.
Returns the team ID from the certificate, or empty string if no Developer ID certificate is found or no team ID can be extracted.
func GetSignatureInfo ¶
GetSignatureInfo retrieves detailed information about the bundle's code signature. Returns a map containing signature details such as signing identity, team ID, and other code signing attributes.
The returned map may contain keys such as:
- "Authority": The signing authority/certificate name
- "TeamIdentifier": The developer team ID
- "Identifier": The bundle identifier used for signing
- "Format": The signature format
func HasDeveloperIDCertificate ¶
func HasDeveloperIDCertificate() bool
HasDeveloperIDCertificate checks if the system has any Developer ID certificates installed. This is useful for determining whether automatic code signing is possible.
Returns true if at least one Developer ID certificate is found.
func ListAvailableIdentities ¶
ListAvailableIdentities returns a list of available code signing identities from the system keychain. Useful for debugging and identity selection.
Returns a slice of identity strings that can be used with code signing tools.
func ValidateCodeSignIdentity ¶
ValidateCodeSignIdentity checks if the provided code signing identity is valid and available in the system keychain.
The special identity "-" (ad-hoc signing) is always considered valid. For other identities, this function verifies they exist in the keychain.
func VerifySignature ¶
VerifySignature verifies that a bundle is properly code signed. Returns nil if the signature is valid, error otherwise.
This function performs a deep verification of the code signature, including all embedded frameworks and resources.
Types ¶
This section is empty.
Source Files